New USB-C Authentication Program Seems Promising

by

January 3, 2019

If you’re a Mac user, like most of us at the Security7 office are, you’re already using USB-C in some form. It was a tough switch. There were…dongles. Lots and lots of dongles.

Dongles for literally everything!

Slowly but surely the new USB-C standard has been catching on (which is a good thing) and it looks like its about to get better.

The USB-IF (USB Implementers Forum) has announced a new optional cryptographic standard that sounds fairly promising:

USB Type-C Authentication empowers host systems to protect against non-compliant USB chargers and to mitigate risks from malicious firmware/hardware in USB devices attempting to exploit a USB connection. Using this protocol, host systems can confirm the authenticity of a USB device, USB cable or USB charger, including such product aspects as the capabilities and certification status. All of this happens right at the moment a connection is made – before inappropriate power or data can be transferred.

You can read more about the standard at the link below and we suggest you do. The ability to authenticate only known USB devices sounds pretty nifty to us and it might sound that way to you too.

Learn more here: https://usb.org/sites/default/files/article_files/USB_Type-C_Authentication_PR_FINAL.pdf

Carl Keyser is the Content Manager at Integris.

Keep reading

Strong Cybersecurity Postures: How to Unleash their Power

Strong Cybersecurity Postures: How to Unleash their Power

In the vast digital landscape where virtual dragons and sneaky trolls roam a strong cybersecurity posture has never been more important. Imagine a band of modern-day knights led by our protagonist, Alex. Armed with a trusty laptop and a cup of coffee, Alex navigates...

How to Spot a Phishing Attack in 2023

How to Spot a Phishing Attack in 2023

In 2023 cyber threats lurk behind every tree trunk in today's digital jungle, and cybersecurity awareness is more critical than ever. Among the craftiest of these threats are phishing attacks. Phishing attacks are cunningly engineered with social manipulation at their...

How to Choose an IT Consultant in Boulder, CO

Regardless of industry size or type, Boulder IT consultants play a massive role in the way companies in the Boulder area do business. While most companies may have their own in-house IT department, many of these departments are small and cannot handle all the...